python3: upgrade 3.13.3 -> 3.13.4

Security content in this release:
- gh-135034: Fixes multiple issues that allowed tarfile extraction filters
  (filter="data" and filter="tar") to be bypassed using crafted symlinks and
  hard links. Addresses CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, and
  CVE-2025-4517.
- gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-
  “strict” error handler.
- gh-128840: Short-circuit the processing of long IPv6 addresses early in
  ipaddress to prevent excessive memory consumption and a minor denial-of-service.

Includes additional standard library improvements and bug fixes.

References:
https://docs.python.org/3/whatsnew/changelog.html#python-3-13-4-final
https://www.python.org/downloads/release/python-3134/

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-devtools/python/python3_3.13.3.bb b/meta/recipes-devtools/python/python3_3.13.4.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.13.3.bb
rename to meta/recipes-devtools/python/python3_3.13.4.bb
index 11dd6f4b8f0907b4b31ed1b556fd192e44c72067..5b49fee3bff88b59b0b2b4b5b3126dcc28f4349e 100644 (file)
--- a/meta/recipes-devtools/python/python3_3.13.3.bb
+++ b/meta/recipes-devtools/python/python3_3.13.4.bb
@@ -36,7 +36,7 @@ SRC_URI:append:class-native = " \
            file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
            "
 
-SRC_URI[sha256sum] = "40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041"
+SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365"
 
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"